Логотип exploitDog
bind:CVE-2013-5739
Консоль
Логотип exploitDog

exploitDog

bind:CVE-2013-5739

Количество 4

Количество 4

ubuntu логотип

CVE-2013-5739

почти 12 лет назад

The default configuration of WordPress before 3.6.1 does not prevent uploads of .swf and .exe files, which might make it easier for remote authenticated users to conduct cross-site scripting (XSS) attacks via a crafted file, related to the get_allowed_mime_types function in wp-includes/functions.php.

CVSS2: 3.5
EPSS: Низкий
nvd логотип

CVE-2013-5739

почти 12 лет назад

The default configuration of WordPress before 3.6.1 does not prevent uploads of .swf and .exe files, which might make it easier for remote authenticated users to conduct cross-site scripting (XSS) attacks via a crafted file, related to the get_allowed_mime_types function in wp-includes/functions.php.

CVSS2: 3.5
EPSS: Низкий
debian логотип

CVE-2013-5739

почти 12 лет назад

The default configuration of WordPress before 3.6.1 does not prevent u ...

CVSS2: 3.5
EPSS: Низкий
github логотип

GHSA-v4p8-jvp4-22m6

около 3 лет назад

The default configuration of WordPress before 3.6.1 does not prevent uploads of .swf and .exe files, which might make it easier for remote authenticated users to conduct cross-site scripting (XSS) attacks via a crafted file, related to the get_allowed_mime_types function in wp-includes/functions.php.

EPSS: Низкий

Уязвимостей на страницу

Уязвимость
CVSS
EPSS
Опубликовано
ubuntu логотип
CVE-2013-5739

The default configuration of WordPress before 3.6.1 does not prevent uploads of .swf and .exe files, which might make it easier for remote authenticated users to conduct cross-site scripting (XSS) attacks via a crafted file, related to the get_allowed_mime_types function in wp-includes/functions.php.

CVSS2: 3.5
0%
Низкий
почти 12 лет назад
nvd логотип
CVE-2013-5739

The default configuration of WordPress before 3.6.1 does not prevent uploads of .swf and .exe files, which might make it easier for remote authenticated users to conduct cross-site scripting (XSS) attacks via a crafted file, related to the get_allowed_mime_types function in wp-includes/functions.php.

CVSS2: 3.5
0%
Низкий
почти 12 лет назад
debian логотип
CVE-2013-5739

The default configuration of WordPress before 3.6.1 does not prevent u ...

CVSS2: 3.5
0%
Низкий
почти 12 лет назад
github логотип
GHSA-v4p8-jvp4-22m6

The default configuration of WordPress before 3.6.1 does not prevent uploads of .swf and .exe files, which might make it easier for remote authenticated users to conduct cross-site scripting (XSS) attacks via a crafted file, related to the get_allowed_mime_types function in wp-includes/functions.php.

0%
Низкий
около 3 лет назад

Уязвимостей на страницу